Limit Endpoints where you can manage Azure from
I would love to have a possibility to control what endpoints you are allowed to manage your Azure Services from. Like an ACL, management can be done from these endpoints (ip addresses) and from no place else. Today we have to use ADFS and special domains in the UPN to be able to resolve this. But it doesn't apply for all accounts.
So having that possibility would be great. Jump Servers has been used for many years in the on-prem world. And even if you use MFA there is no way to guarantee that the endpoint that you are managing from isn't compromised.
I would like to use a Jump Server and Limit the Endpoints where the management can be run from.